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LISTING OF THE CLAIMS 

1. (Previously Presented) A public key certificate issuing system comprising: 
a certificate authority for issuing a public key certificate used by an entity; and 
a registration authority which, on receiving a public key certificate issuance request from any 
one of entities under jurisdiction thereof, transmits the received request to said certificate authority; 

wherein said certificate authority, having a plurality of signature modules each executing a 
different encryption algorithm, selects at least one of said plurality of signature modules in 
accordance with said public key certificate issuance request from said registration authority based 
upon an identification of an assigned encryption algorithm, said identification of the assigned 
algorithm being made with reference to a table that associates the registration authority with the 
assigned encryption algorithm, and causes the selected signature module to attach a digital signature 
to message data constituting a public key certificate. 

2. (Previously Presented) A public key certificate issuing system according to claim 1, 
wherein said certificate authority has a certificate authority server for outputting a signature 
processing request to said plurality of signature modules; 

wherein said certificate authority server receives said public key certificate issuance request 
from said registration authority, selects at least one of said plurality of signature modules in 
response to said public key certificate issuance request, and outputs said signature processing 
request to the selected signature module; and 
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wherein each selected signature module attaches a digital signature to the message data 
constituting said public key certificate in response to said signature processing request received 
from said certificate authority server. 

3. (Previously Presented) A public key certificate issuing system according to claim 1, wherein 
said certificate authority has a registration authority management database which stores registration 
authority management data for associating registration authorities issuing public key certificate 
issuance requests with a encryption algorithm specific to each of said registration authorities; and 

wherein, given a public key certificate issuance request from any registration authority, said 
certificate authority selects the signature module associated with the relevant encryption algorithm 
based on said registration authority management data. 

4. (Previously Presented) A public key certificate issuing system according to claim 3, 
wherein said registration authority management data include key length and parameter information 
applicable to signatures. 

5. (Previously Presented) A public key certificate issuing system according to claim 3, 
wherein said registration authority management data include signature module identification 
information applicable to signatures. 

6. (Previously Presented) A public key certificate issuing system according to claim 1, wherein 
said registration authority transmits encryption algorithm designation information along with said 
public key certificate issuance request to said certificate authority; and 

wherein said certificate authority, based on said encryption algorithm designation information 
received along with said public key certificate issuance request, selects a signature module 
applicable to the designated encryption algorithm. 
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7. (Previously Presented) A public key certificate issuing system according to claim 6, wherein 
said encryption algorithm designation information includes key length and parameter information 
applicable to signatures. 

8. (Previously Presented) A public key certificate issuing system according to claim 1, 
wherein said certificate authority has a verification key database which stores keys for signature 
verification in association with each of said plurality of signature modules; and 

wherein said certificate authority verifies signatures generated by each of said plurality of 
signature modules. 

9. (Previously Presented) A public key certificate issuing system according to claim 1, wherein 
said certificate authority uses at least two of said plurality of signature modules to attach at least two 
different digital signatures to one public key certificate. 

10. (Previously Presented) A public key certificate issuing system according to claim 1, 
wherein said certificate authority selects at least two of said plurality of signature modules in order 
to have signature processing executed in steps by each of the selected signature modules used in 
concert for digital signature generation. 

11. (Previously Presented) A public key certificate issuing system according to claim 1, 
wherein said certificate authority and said registration authority each have a signature module 
structure management table which associates encryption algorithm identifiers with identifiers of said 
plurality of signature modules; 

wherein said registration authority issues to said certificate authority a public key certificate 
issuance request designating a encryption algorithm identifier in accordance with said signature 
module structure management table; and 
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wherein said certificate authority, upon receipt of said encryption algorithm identifier from said 
registration authority, selects the signature module applicable to the received identifier from said 
signature module structure management table. 

12. (Previously Presented) A public key certificate issuing system according to claim 1, 
wherein at least part of said plurality of signature modules have a common signature key stored 
therein. 

13. (Previously Presented) A public key certificate issuing system according to claim 1, 
wherein each of said plurality of signature modules is configured to execute multiple encryption 
algorithms. 

14. (Previously Presented) A public key certificate issuing method for use with a certificate 
authority for issuing a public key certificate used by an entity, and with a registration authority 
which, on receiving a public key certificate issuance request from any one of entities under 
jurisdiction thereof, transmits the received request to said certificate authority, the method 
comprising the steps of: 

causing said certificate authority to select, from among a plurality of signature modules each 
executing a different encryption algorithm, at least one of the signature modules in accordance with 
said public key certificate issuance request from said registration authority based upon an 
identification of an assigned encryption algorithm for the registration authority, said identification 
of the assigned algorithm being made with reference to a table that associates the registration 
authority with the assigned encryption algorithm; and 

causing the selected signature module to attach a digital signature to message data constituting 
a public key certificate. 
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15. (Previously Presented) A public key certificate issuing method according to claim 14, 
further comprising the steps of: 

causing a certificate authority server to receive a public key certificate issuance request from 
said registration authority; 

causing said certificate authority server to select at least one of said plurality of signature 
modules in response to said public key certificate issuance request; and 

causing said certificate authority server to output a signature processing request to the selected 
signature module. 

16. (Previously Presented) A public key certificate issuing method according to claim 15, 
wherein said step involving said certificate authority server selecting the signature module 
comprises selecting the signature module based on a registration authority management database 
which stores registration authority management data for associating registration authorities issuing 
public key certificate issuance requests with a encryption algorithm specific to each of said 
registration authorities. 

17. (Previously Presented) A public key certificate issuing method according to claim 15, 
wherein said step involving said certificate authority server selecting the signature module 
comprises selecting the signature module based on encryption algorithm designation information 
received along with said public key certificate issuance request. 

18. (Previously Presented) A public key certificate issuing method according to claim 14, 
further comprising the step of causing said certificate authority to verify signatures generated by 
each of said plurality of signature modules. 
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19. (Previously Presented) A public key certificate issuing method according to claim 14, 
further comprising the step of causing said certificate authority to use at least two of said plurality of 
signature modules to attach at least two different digital signatures to one public key certificate. 

20. (Previously Presented) A public key certificate issuing method according to claim 14, 
further comprising the step of causing said certificate authority to select at least two of said plurality 
of signature modules in order to have signature processing executed in steps by each of the selected 
signature modules used in concert for digital signature generation. 

21. (Previously Presented) A public key certificate issuing method according to claim 14, 
wherein said certificate authority and said registration authority each have a signature module 
structure management table which associates encryption algorithm identifiers with identifiers of said 
plurality of signature modules, said public key certificate issuing method further comprising the 
steps of: 

causing said registration authority to issue to said certificate authority a public key certificate 
issuance request designating a encryption algorithm identifier in accordance with said signature 
module structure management table; and 

causing said certificate authority, upon receipt of said encryption algorithm identifier from said 
registration authority, to select the signature module applicable to the received identifier from said 
signature module structure management table. 

22. (Previously Presented) A public key certificate issuing method according to claim 14, 
wherein each of said plurality of signature modules is configured to execute multiple encryption 
algorithms. 



7 



Application No. 10/041,964 Docket No.: SON-2320 

Request for Reconsideration dated March 30, 2007 
After Final Office Action of February 7, 2007 

23. (Previously Presented) A digital certification apparatus for constituting a certificate 
authority which issues a public key certificate used by an entity in association with a request 
transmitted to_the certificate authority by a registration authority: 

wherein said digital certification apparatus, having a plurality of signature modules each 
executing a different encryption algorithm, selects at least one of said plurality of signature modules 
in accordance with a public key certificate issuance request received from outside said digital 
certification apparatus and based upon an identification of an assigned encryption algorithm for the 
registration authority, said identification of the assigned algorithm being made with reference to a 
table that associates the registration authority with the assigned encryption algorithm, and causes the 
selected signature module to attach a digital signature to message data constituting a public key 
certificate. 

24. (Previously Presented) A digital certification apparatus according to claim 23, further 
comprising a plurality of signature modules and a certificate authority server for outputting a 
signature processing request to said plurality of signature modules; 

wherein said certification authority server receives said public key certificate issuance request, 
selects at least one of said plurality of signature modules in response to said public key certificate 
issuance request, and outputs said signature processing request to the selected signature module; and 

wherein each selected signature module attaches a digital signature to the message data 
constituting said public key certificate in response to said signature processing request received 
from said certificate authority server. 

25. (Previously Presented) A digital certification apparatus according to claim 23, further 
comprising a registration authority management database which stores registration authority 
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management data for associating registration authorities issuing public key certificate issuance 
requests with a encryption algorithm specific to each of said registration authorities; 

wherein, given a public key certificate issuance request from any registration authority, said 
digital certification apparatus selects the signature module associated with the relevant encryption 
algorithm based on said registration authority management data. 

26. (Previously Presented) A digital certification apparatus according to claim 25, wherein said 
registration authority management data include key length and parameter information applicable to 
signatures. 

27. (Previously Presented) A digital certification apparatus according to claim 25, wherein said 
registration authority management data include signature module identification information 
applicable to signatures. 

28. (Previously Presented) A digital certification apparatus according to claim 23, wherein 
said digital certification apparatus, based on encryption algorithm designation information received 
along with said public key certificate issuance request, selects a signature module applicable to the 
designated encryption algorithm. 

29. (Previously Presented) A digital certification apparatus according to claim 28, wherein said 
encryption algorithm designation information includes key length and parameter information 
applicable to signatures. 

30. (Previously Presented) A digital certification apparatus according to claim 23, further 
comprising a verification key database which stores keys for signature verification in association 
with each of said plurality of signature modules; 
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wherein said digital certification apparatus verifies signatures generated by each of said 
plurality of signature modules. 

31. (Previously Presented )A digital certification apparatus according to claim 23, wherein 
said digital certification apparatus uses at least two of said plurality of signature modules to attach at 
least two different digital signatures to one public key certificate. 

32. (Previously Presented) A digital certification apparatus according to claim 23, wherein 
said digital certification apparatus selects at least two of said plurality of signature modules in order 
to have signature processing executed in steps by each of the selected signature modules used in 
concert for digital signature generation. 

33. (Previously Presented) A digital certification apparatus according to claim 23, further 
comprising a signature module structure management table which associates encryption algorithm 
identifiers with identifiers of said plurality of signature modules; 

wherein said digital certification apparatus, upon receipt of a encryption algorithm identifier 
along with said public key certificate issuance request, selects the signature module applicable to the 
received identifier from said signature module structure management table. 

34. (Previously Presented) A digital certification apparatus according to claim 23, wherein at 
least part of said plurality of signature modules have a common signature key stored therein. 

35. (Previously Presented) A digital certification apparatus according to claim 23, wherein 
each of said plurality of signature modules is configured to execute multiple encryption algorithms. 

36. (Previously Presented) A program storage medium which stores a computer program 
executed by a computer system in carrying out public key certificate issuance processing to issue a 
public key certificate for use by an entity, said computer program comprising the steps of: 
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selecting, from among a plurality of signature modules each executing a different encryption 
algorithm, at least one of the signature modules in accordance with a public key certificate issuance 
request and with reference to a table that associates the registration authority with an assigned 
encryption algorithm; and 

causing the selected signature module to attach a digital signature to message data constituting 
a public key certificate. 
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